Package com.netscape.cms.servlet.cert
Class RevocationProcessor
- java.lang.Object
-
- com.netscape.cms.servlet.processors.Processor
-
- com.netscape.cms.servlet.processors.CAProcessor
-
- com.netscape.cms.servlet.cert.CertProcessor
-
- com.netscape.cms.servlet.cert.RevocationProcessor
-
public class RevocationProcessor extends CertProcessor
- Author:
- Endi S. Dewata
-
-
Field Summary
Fields Modifier and Type Field Description static java.lang.StringOFF_HOLDstatic java.lang.StringON_HOLDstatic java.lang.StringREVOKE-
Fields inherited from class com.netscape.cms.servlet.processors.CAProcessor
ACL_INFO, ACL_METHOD, aclMethod, ARG_ERROR_CODE, ARG_ERROR_REASON, ARG_OP, ARG_OUTPUT_CONSTRAINT, ARG_OUTPUT_ID, ARG_OUTPUT_LIST, ARG_OUTPUT_NAME, ARG_OUTPUT_SYNTAX, ARG_OUTPUT_VAL, ARG_PROFILE, ARG_PROFILE_APPROVED_BY, ARG_PROFILE_DESC, ARG_PROFILE_ENABLED_BY, ARG_PROFILE_IS_ENABLED, ARG_PROFILE_IS_VISIBLE, ARG_PROFILE_NAME, ARG_PROFILE_REMOTE_ADDR, ARG_PROFILE_REMOTE_HOST, ARG_PROFILE_SET_ID, ARG_RENEWAL_PROFILE_ID, ARG_REQUEST_CREATION_TIME, ARG_REQUEST_ID, ARG_REQUEST_LIST, ARG_REQUEST_MODIFICATION_TIME, ARG_REQUEST_NONCE, ARG_REQUEST_NOTES, ARG_REQUEST_OWNER, ARG_REQUEST_STATUS, ARG_REQUEST_TYPE, ARG_REQUESTS, AUTH_ID, AUTH_MGR, authMgr, authz, AUTHZ_MGR, AUTHZ_RESOURCE_NAME, authzResourceName, CERT_ATTR, certdb, GET_CLIENT_CERT, getClientCert, HDR_LANG, PROFILE_ID, PROFILE_SUB_ID, profileID, profileSubId, ps, queue, statEvents, ug, ul
-
-
Constructor Summary
Constructors Constructor Description RevocationProcessor(java.lang.String id, java.util.Locale locale)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description voidaddCertificate(X509CertImpl cert)voidaddCertificateToRevoke(X509CertImpl cert)voidaddSerialNumberToUnrevoke(java.math.BigInteger serialNumber)voidauditChangeRequest(java.lang.String status)voidauditChangeRequestProcessed(java.lang.String status)voidcreateCRLExtension()voidcreateRevocationRequest()voidcreateUnrevocationRequest()ICertificateAuthoritygetAuthority()ICertRecordgetCertificateRecord(CertId id)ICertRecordgetCertificateRecord(java.math.BigInteger serialNumber)ICertRecord[]getCertificateRecords(java.math.BigInteger[] serialNumbers)java.util.Collection<X509CertImpl>getCertificates()X509CertImpl[]getCertificates(ICertRecord[] records)java.lang.StringgetComments()java.lang.StringgetInitiative()java.util.DategetInvalidityDate()IRequestgetRequest()RequestStatusgetRequestStatus()java.lang.StringgetRequestType()RevocationReasongetRevocationReason()CertIdgetSerialNumber()longgetStartTime()booleanisMemberOfSubsystemGroup(java.security.cert.X509Certificate clientCert)booleanisSystemCertificate(java.security.cert.X509Certificate cert)A system certificate such as the CA signing certificate should not be allowed to delete.voidlogRevoke(IRequest revocationRequest, java.security.cert.X509Certificate cert, java.lang.String status, java.lang.String message)voidlogUnrevoke(IRequest unrevocationRequest, java.security.cert.X509Certificate cert, java.lang.String status)voidprocessRevocationRequest()voidprocessUnrevocationRequest()voidsetAuthority(ICertificateAuthority authority)voidsetComments(java.lang.String comments)voidsetInitiative(java.lang.String initiative)voidsetInvalidityDate(java.util.Date invalidityDate)voidsetRequestStatus(RequestStatus requestStatus)voidsetRequestType(java.lang.String requestType)voidsetRevocationReason(RevocationReason revocationReason)voidsetSerialNumber(CertId serialNumber)voidsetStartTime(long startTime)voidvalidateCertificateToRevoke(java.lang.String subjectDN, ICertRecord targetRecord, boolean revokingCACert)-
Methods inherited from class com.netscape.cms.servlet.cert.CertProcessor
codeToReason, populateRequests, setCredentialsIntoContext, submitRequests
-
Methods inherited from class com.netscape.cms.servlet.processors.CAProcessor
auditGroupID, auditGroups, auditRequesterID, auditSubjectID, authenticate, authenticate, authenticate, authenticate, authenticate, authorize, authorize, authorize, endAllEvents, endTiming, getOriginalRequest, getProfileID, getProfileSubsystem, getRequest, getSSLClientCertificate, printParameterValues, saveAuthToken, startTiming, toHashtable, validateNonce
-
Methods inherited from class com.netscape.cms.servlet.processors.Processor
getParams, getUserMessage, log
-
-
-
-
Field Detail
-
REVOKE
public static final java.lang.String REVOKE
- See Also:
- Constant Field Values
-
ON_HOLD
public static final java.lang.String ON_HOLD
- See Also:
- Constant Field Values
-
OFF_HOLD
public static final java.lang.String OFF_HOLD
- See Also:
- Constant Field Values
-
-
Constructor Detail
-
RevocationProcessor
public RevocationProcessor(java.lang.String id, java.util.Locale locale) throws EPropertyNotFound, EBaseException- Throws:
EPropertyNotFoundEBaseException
-
-
Method Detail
-
getAuthority
public ICertificateAuthority getAuthority()
-
setAuthority
public void setAuthority(ICertificateAuthority authority)
-
getStartTime
public long getStartTime()
-
setStartTime
public void setStartTime(long startTime)
-
getInitiative
public java.lang.String getInitiative()
-
setInitiative
public void setInitiative(java.lang.String initiative)
-
getSerialNumber
public CertId getSerialNumber()
-
setSerialNumber
public void setSerialNumber(CertId serialNumber)
-
getRevocationReason
public RevocationReason getRevocationReason()
-
setRevocationReason
public void setRevocationReason(RevocationReason revocationReason)
-
getInvalidityDate
public java.util.Date getInvalidityDate()
-
setInvalidityDate
public void setInvalidityDate(java.util.Date invalidityDate)
-
getComments
public java.lang.String getComments()
-
setComments
public void setComments(java.lang.String comments)
-
getRequestType
public java.lang.String getRequestType()
-
setRequestType
public void setRequestType(java.lang.String requestType)
-
getRequestStatus
public RequestStatus getRequestStatus()
-
setRequestStatus
public void setRequestStatus(RequestStatus requestStatus)
-
addCertificate
public void addCertificate(X509CertImpl cert)
-
getCertificates
public java.util.Collection<X509CertImpl> getCertificates()
-
getRequest
public IRequest getRequest()
-
isMemberOfSubsystemGroup
public boolean isMemberOfSubsystemGroup(java.security.cert.X509Certificate clientCert)
-
validateCertificateToRevoke
public void validateCertificateToRevoke(java.lang.String subjectDN, ICertRecord targetRecord, boolean revokingCACert) throws EBaseException- Throws:
EBaseException
-
addCertificateToRevoke
public void addCertificateToRevoke(X509CertImpl cert)
-
addSerialNumberToUnrevoke
public void addSerialNumberToUnrevoke(java.math.BigInteger serialNumber) throws EBaseException- Throws:
EBaseException
-
getCertificateRecords
public ICertRecord[] getCertificateRecords(java.math.BigInteger[] serialNumbers) throws EBaseException
- Throws:
EBaseException
-
getCertificateRecord
public ICertRecord getCertificateRecord(CertId id) throws EBaseException
- Throws:
EBaseException
-
getCertificateRecord
public ICertRecord getCertificateRecord(java.math.BigInteger serialNumber) throws EBaseException
- Throws:
EBaseException
-
getCertificates
public X509CertImpl[] getCertificates(ICertRecord[] records) throws EBaseException
- Throws:
EBaseException
-
createCRLExtension
public void createCRLExtension() throws java.io.IOException- Throws:
java.io.IOException
-
createRevocationRequest
public void createRevocationRequest() throws EBaseException- Throws:
EBaseException
-
processRevocationRequest
public void processRevocationRequest() throws EBaseException- Throws:
EBaseException
-
createUnrevocationRequest
public void createUnrevocationRequest() throws EBaseException- Throws:
EBaseException
-
processUnrevocationRequest
public void processUnrevocationRequest() throws EBaseException- Throws:
EBaseException
-
isSystemCertificate
public boolean isSystemCertificate(java.security.cert.X509Certificate cert) throws EBaseExceptionA system certificate such as the CA signing certificate should not be allowed to delete. The main purpose is to avoid revoking the self signed CA certificate accidentally.- Throws:
EBaseException
-
logRevoke
public void logRevoke(IRequest revocationRequest, java.security.cert.X509Certificate cert, java.lang.String status, java.lang.String message)
-
logUnrevoke
public void logUnrevoke(IRequest unrevocationRequest, java.security.cert.X509Certificate cert, java.lang.String status)
-
auditChangeRequest
public void auditChangeRequest(java.lang.String status)
-
auditChangeRequestProcessed
public void auditChangeRequestProcessed(java.lang.String status)
-
-